Spooftooph is designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain site. Bluetooth scanning software will only list one of the devices if more than one device in range shares the same device information when the devices are in Discoverable Mode (specificaly the same Address).

Spooftooph has several options for Bluetooth device information modification:

Option 1: Continuously scan an area for Bluetooth devices. Make a selection on which device in the list to clone. This option also allows for logging of the scanned devices.

Option 2: Randomly generate and assign valid Bluetooth interface information. The class and address are randomly generated and the name is derived from a list of the top 100 most common names in US and the type of device. For example if the randomly generated class is a phone, SpoofTooph might generate the name “Bob’s Phone”.

Option 3: Specify the name, class, and address a user wishes for the Bluetooth interface to have.

Option 4: Read in the log of previous scans and select a device to clone. Users can also manually add Bluetooth profiles to these log files.

Option 5: Incognito mode. Scan for and clone new devices at user assigned intervals.

This tool is heavily based on bdaddr (by Marcel Holtmann) and hciconfig (by Qualcomm Incorporated, Maxim Krasnyansky, and Marcel Holtmann) from BlueZ.

 

Download

Name: spooftooph-0.4.tar.gz
MD5: dbcc020aef5252aa17eee7b7af1c79eb
Download: Click Here

Log

v0.4 – 03/24/11 :

– Save file on exit.
– Fixed problem with saving log.
– Fixed problem with closing threads.
– Changed probes for device name. Scan runs much much faster now.

v0.3 – 02/14/11 :

– Fixed socket closing error
– Fixed log data verification for valid ADDR and CLASS
– Changed logging format to CSV: ADDR,CLASS,NAME
– Added -m flag for choosing multiple interfaces to use for cloning
(Useful to test Man-In-The-Middle attacks)
– Fixed the problem with reading in the Class from a log
– Fixed overflow problem with array of devices
– Fixed selection of Bluetooth interface from a always using interface hci0
– Changed device array to dynamically resize
– Added -b flag for specifying the number of Bluetooth devices to display per page

v0.1 – 03/03/10 :

– Initial release

Usage

To modify the Bluetooth adapter, spooftooth must be run with root privileges. Spooftooph offers five modes of usage:

1) Specify NAME, CLASS and ADDR.

> spooftooph -i hci0 -n new_name -a 00:11:22:33:44:55 -c 0x1c010c 

2) Randomly generate NAME, CLASS and ADDR.

> spooftooph -i hci0 -r

3) Scan for devices in range and select device to clone. Optionally dump the device information in a specified log file.

> spooftooph -i hci0 -s -d file.log

4) Load in device info from log file and specify device info to clone.

> spooftooph -i hci0 -l file.log

5) Clone a random devices info in range every X seconds.

> spooftooph -i hci0 -t 10

Explore More

SQLi vulnerabiltiy in irrawaddy store owned by Irrawaddy Publishing Group.

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical SQL Injection (vulnerability) on http://www.irrawaddystore.com owned by Irrawaddy Publishing Group. These are some information from Vulneral Site http://www.irrawaddystore.com :

What is a virus?

A virus is a malicious program that passes from one computer to another in the same way as a biological virus passes from one person to another. Most viruses are

What are the steps for security evaluation?

The ethical hacking project comprises three phases, summarized as follows: 1. Preparation: In this phase, a formal contract that contains a non-disclosure clause as well as a legal clause to